Release DateJan 19, 2012 |
Severitymedium |
ImpactDenial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a Buffer Overflow vulnerability in rsyslog.The vulnerability is caused by an error when the software handles specially crafted log message data. It allows a remote attacker to shutdown a remote log daemon. |
Affected Productsrsyslog version 4.6.0 to 4.6.7 inclusive.rsyslog version 5.2.0 to 5.8.4 inclusive. |
Recommended ActionsUpdate to 4.6.8 or 5.8.5http://www.rsyslog.com/rsyslog-4-6-8-v4-stable/ http://www.rsyslog.com/rsyslog-5-8-5-v5-stable/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-3200 |
Reference/shttp://www.rsyslog.com/potential-dos-with-malformed-tag/https://bugzilla.redhat.com/show_bug.cgi?id=727644 http://www.securityfocus.com/bid/49413 (BugTraq) |
